Let’s face it—Providing adequate IT security needs does indeed stifle innovation. How could anyone argue with that?
IT security is frustrating and gets in the way of productivity. IT security can be expensive—but less now thanks to all of the competition in the marketplace for IT security products and services. Heck—lots of IT security is built into the Microsoft Server operating systems—and even Windows 7 for that matter. One just has to “turn it on.”
To me, the key concept relating IT security and productivity is to get away from the “either, or” way of thinking. In other words, you CAN have BOTH security and productivity! If you feel you have to give up productivity to be secure, I feel confident there is a solution that will let you have lots of both.
Granted, almost always, there will be some compromise. You may have to choose between being:
- 90% secure and 100% productive, or
- 100% secure and 90% productive
The choice is up to whoever will be held responsible for a data breach—probably the owner, CEO, board etc for the organization. I generally lean to the first option in many cases.
Key point: This decision is NOT and I repeat NOT up to IT. I feel it is IT’s responsibility to alert executives to any such trade-offs so that the executives can make an informed decision since they have to live with the consequences of their choices.
I wonder just how much money in the purchase price of a new car has to do with the door locks and the key used to start the car? How much added frustration do we experience in our lifetimes due to having to lock, unlock, and start our cars with a key throughout our lives? Yet, our vehicles are productive and secure without having major conflicts between those two attributes.
On a tangent: If users could “see” someone stealing their data or borrowing their computer the way they could see someone borrowing their car, users would be more attentive to IT security.
Please post your comments on the blog.